DETAILED ACTION

Election/Restrictions 

Applicant's election of Group I, claims 1 and 4-19, in the reply filed on 08/20/08 is 
acknowledged. Because applicant did not distinctly and specifically point out the supposed 
errors in the restriction requirement, the election has been treated as an election without traverse 
(MPEP § 818.03(a)). 

Claims 20-24 and 26-33 are withdrawn from further consideration pursuant to 37 CFR 
1.142(b) as being drawn to a nonelected invention, there being no allowable generic or linking 
claim. Election was made without traverse in the reply filed on 08/28/08. 

Drawings 

The drawings are informal and are acceptable for examination purposes only. For 
example, Figs. 3 and 4 are informal. 

Claim Rejections - 35 USC § 112

The following is a quotation of the first paragraph of 35 U.S.C. 112:

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

Claims 1 and 4-19 are rejected under 35 U.S.C. 112, first paragraph, as failing to comply
with the written description requirement. The claim(s) contains subject matter which was not 
described in the specification in such a way as to reasonably convey to one skilled in the relevant 
art that the inventor(s), at the time the application was filed, had possession of the claimed 
invention. 

Examiner cannot find support in the specification for the "computer-readable storage
medium" of claim 1.

Examiner cannot find support in the specification for a "security assessment component 
that performs automated security threat analysis based in part on the modeling of the industrial 
automation device, a network access type and at least one of a formal threat analysis, a 
vulnerability analysis, a factory topology mapping, or an attack tree analysis to determine 
whether access should be granted to the industrial automation device", as recited in claim 1.

Claims 4-19 depend from claim 1 and incorporate the same deficiencies. 

The following is a quotation of the second paragraph of 35 U.S.C. 112:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

Claims 1 and 4-19 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claim 1 recites the limitation "the modeling of the industrial device" in line 10. There is 
insufficient antecedent basis for this limitation in the claim. 

Claims 4-19 depend from claim 1 and incorporate the same deficiency. 

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 4-6, and 9-19 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Rammler US 2003/0105535 in view of Salowey US 7,370,350.

Rammler discloses:

1. An automation security system, comprising:

an asset component that defines an industrial automation device (e.g., [0185], [0327]); 

an access component, encoded in a computer-readable storage medium, that defines a 
security attribute associated with the industrial automation device (e.g., [0196], [0230], [0232]), 
the security attribute including a location attribute (e.g., [0196]: "Access can be
controlled...based on a valid IP address") and a time attribute that grants access to the industrial
automation device for a predetermined amount of time; and

a security component, encoded in a computer-readable storage medium, that regulates 
access to the industrial automation device based upon the security attribute and includes security 
assessment component that performs automated security threat analysis based in part on the 
modeling of the industrial automation device, a network access type and at least one of a formal 
threat analysis, a vulnerability analysis, a factory topology mapping, or an attack tree analysis to 
determine whether access should be granted to the industrial automation device (e.g., [0196]:
"Access can be controlled...based on a valid IP address").

4. The system of claim 1, the security component is based on at least one of 
automation and process control security (e.g., [0184]-[0185]), cryptography, and
Authentication/Authorization/Accounting (AAA).

5. The system of claim 1, the asset component describes at least one of factory 
components and groupings, the factory components are at least one of sensors, actuators, 
controllers, I/O modules, communications modules, or human-machine interface (HMI) devices 
(e.g., Figs. 5-8). 

6. The system of claim 5, the groupings include factory components that are grouped 
into at least one of machines, machines grouped into lines, or lines grouped into facilities (e.g., 
Figs. 5-8). 

9. The system of claim 1, further comprising a set of generic IT components and 
specification of values for parameters required to assemble and configure the IT components to 
achieve flexible access to the industrial automation device (e.g., Fig. 4, Fig. 6). 

10. The system of claim 9, the IT components include at least one of switches with 
virtual local area network (VLAN) capability, routers with access list capability, firewalls, 
virtual private network (VPN) termination devices, intrusion detection systems, AAA servers, 
configuration tools, or monitoring tools (e.g., Fig. 4, Fig. 6). 

11. The system of claim 1, further comprising security parameters and policies that 
are developed for physical and electronic security for various component types (e.g., [0196], 
[0230], [0232]). 

12. The system of claim 11, the security parameters and policies further comprising at
least one of security protection levels (e.g., [0196], [0230], [0232]), identification entry 
capabilities, integrity algorithms, or privacy algorithms. 

13. The system of claim 1, the security component includes at least one of 
authentication software, virus detection, intrusion detection, authorization software (e.g., [0196], 
[0230], [0232]), attack detection, protocol checker, or encryption software. 

14. The system of claim 13, the security component at least one of acts as an 
intermediary between an access system and one or more automation components, or facilitates 
communications between the access system and the one or more automation components (e.g., 
Fig. 4, Fig. 6). 

15. The system of claim 1, the security attributes are specified as part of a network 
request to gain access to the at least one industrial automation device, the security attributes 
included in at least one of a group, set, subset, or class (e.g., Fig. 4, Fig. 6, [0196], [0230], 
[0232]). 

16. The system of claim 15, the security component employs at least one 
authentication procedure and an authorization procedure to process the network request (e.g., 
[0196], [0230], [0232]). 

17. The system of claim 16, further comprising one or more security protocols 
including at least one of Internet Protocol Security (IPSec), Kerberos, Diffie-Hellman exchange, 
Internet Key Exchange (IKE), digital certificate, pre-shared key, or encrypted password, to 
process the network request (e.g., [0060], [0187]). 

18. The system of claim 15, further comprising at least one of an access key or a
security switch to control network access to a device or network (e.g., Fig. 4, Fig. 6, [0060], 
[0187]). 

19. The system of claim 18, the access key further comprises at least one of time, 
location, batch, process, program, calendar, or GPS (Global Positioning Information) to specify 
local and wireless network locations, to control access to the device or network (e.g., Fig. 4, Fig. 
6, [0060], [0187], [0196], [0230], [0232]). 

Rammler does not explicitly disclose a time attribute that grants access to the industrial 
automation device for a predetermined amount of time, as recited in claim 1.

Rammler does disclose a timeout feature (e.g., [0190]), but it does not appear to be in the 
context of granting access to a device for a predetermined amount of time. 

Salowey US 7,370,350 discloses a method and apparatus for re-authentication computing 
devices, comprising a time attribute that grants access to the industrial automation device for a 
predetermined amount of time (e.g., col. 7 lines 33-49). 

It would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify Rammler with Salowey since all the claimed elements were 
known in the prior art and one skilled in the art could have combined the elements as claimed by 
known methods with no change in their respective functions, and the combination would have 
yielded predictable results to one of ordinary skill in the art at the time of the invention. See 
KSR v. Teleflex, 127 S.Ct. 1727 (2007). 

Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over Rammler as
modified by Salowey as applied to claim 5 above, and further in view of Hammer et al. US 
2008/0016569. 

Rammler as modified by Salowey does not appear to explicitly disclose that the 
groupings have associated severity attributes including at least one of risk and security incident 
cost. 

Hammer et al. discloses a system for managing one or more security incidents and/or 
potential security incidents, wherein the potential security incidents include severity attributes 
including at least one of risk and security incident cost (e.g., [0015], [0097]). 

It would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify Rammler as modified by Salowey with Hammer et al. since all 
the claimed elements were known in the prior art and one skilled in the art could have combined 
the elements as claimed by known methods with no change in their respective functions, and the 
combination would have yielded predictable results to one of ordinary skill in the art at the time 
of the invention. See KSR v. Teleflex, 127 S.Ct. 1727 (2007). 

Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Rammler as
modified by Salowey and Hammer et al. as applied to claim 7 above, and further in view of 
Schleiss et al. US 2003/0014500. 

Rammler as modified by Salowey and Hammer et al. does not appear to explicitly 
disclose an ISA S95 Model for Enterprise to Control System Integration to integrate security 
aspects across or within respective groupings. 

Schleiss et al. discloses ISA S95 Model for Enterprise to Control System Integration to 
integrate security aspects across or within respective groupings (e.g., [0007]-[0008], [0053]). 

It would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify Rammler as modified by Salowey and Hammer et al. with 
Schleiss et al. since all the claimed elements were known in the prior art and one skilled in the art 
could have combined the elements as claimed by known methods with no change in their 
respective functions, and the combination would have yielded predictable results to one of 
ordinary skill in the art at the time of the invention. See KSR v. Teleflex, 127 S.Ct. 1727 (2007). 

Response to Arguments

Applicant's arguments, see page 11, filed 01/22/09, with respect to the specification have 
been fully considered and are persuasive. The specification objections have been withdrawn in 
light of the amendments to the specification filed 01/22/09. 

Applicant's arguments, see page 11, filed 01/22/09, with respect to claims 7-10 have
been fully considered and are persuasive. The rejection of claims 7-10 under 35 U.S.C. 112, 2nd
paragraph, has been withdrawn in light of the amendments filed 01/22/09.

Applicant's arguments, see pages 11-12, filed 01/22/09, with respect to claims 1 and 4-19
have been fully considered and are persuasive. The rejection of claims 1 and 4-19 under 35
U.S.C. 101 has been withdrawn in light of the amendments filed 01/22/09.

Applicant's arguments, see page 12, filed 01/22/09, with respect to the rejection of claims 
1, 4-6, and 9-19 have been fully considered but are not persuasive, and detailed in the action 
above. 

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to RYAN A. JARRETT whose telephone number is (571)272-3742. 
The examiner can normally be reached on 10:00-6:30 M-F. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Albert Decady can be reached on (571) 272-3819. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Ryan A. Jarrett/ 

Primary Examiner, Art Unit 2121 

04/24/09 



